Ransomware puts companies on edge

by Alex Morkos

The latest global ransomware attack, WannaCry, put the world on edge. Rob Wainwright, executive director of Europol, the European Union’s police agency, said the cyberattack hit 200,000 computers in more than 150 countries, and that was just at the beginning of the attack.

The impact in Australia has been minimal but, if you haven’t been hit yet by a cyberattack, it doesn’t mean you’re safe. New generations of WannaCry are being developed and ransomware is becoming one of the most popular and lucrative ways for attackers to target businesses. Small businesses are just as attractive to these cybercriminals as large enterprises; some are even more attractive by virtue of the fact that they’re less likely to have a sophisticated IT security posture in place to protect against such attacks.

This is particularly true given ransomware usually relies on a phishing attack to gain entry to the organisation. Phishing is a social engineering approach that uses fake emails, phone calls, and text messages purporting to be from legitimate organisations. These fake but legitimate-looking communications convince unsuspecting users to click links, download attachments, or answer private security questions. Once they’ve done this, the worm or ransomware can be released.

Phishing scams peak around this time of year. It’s tax time and end of financial year, which is a traditionally busy time. People are less suspicious of an email that looks like it came from the Australian Taxation Office (ATO), Australia Post, or their bank.

But, to stay safe from ransomware and other attacks, you have to be suspicious of any communication you’re not expecting. Double-check these communications by contacting the organisation directly, not using any link or phone number offered by the scammer. Make sure employees are well aware of the risks and put a process in place to deal with potential phishing attacks.

Businesses can protect themselves against ransomware by backing up data regularly, which reduces the value of the encrypted data. You should never pay the ransom: it only lets the cybercriminal know that your company is willing to pay, marking you down as a desirable target for future attacks.

WannaCry used a known Microsoft vulnerability, which highlights the need to always download and install patches and updates.

Ransomware has been around for decades, but it has increased in prevalence over the last few years because it’s a very lucrative market for cyber attackers. This latest attack is an example of how quickly and easily a ransomware attack can take hold.

The Australian Signals Directorate (ASD) recently doubled its Top 4 cyber security strategies to counter cyberattacks to an Essential Eight. You can find out more on the ASD website or read Aleron’s blog on this topic. The Essential Eight is a list of practical actions that can save the wasted time, money and effort, and avoid the reputational damage that comes with a successful attack.